Section F.
INTRODUCTION TO UNIX
File Permissions and Security
Every file and directory has permissions associated with it
which determine who may or may not access that file or directory.
Just as the system administrator assigns you a user name and user
ID (UID), you are also assigned a default group name and ID (GID),
and special groups may be set up by the system administrator to
allow users to share files while working on projects, yet not
allow all users to access them.
There are three types of permissions:
1) r - gives permission to read or copy
2) w - gives permission to write to, delete, or save
3) x - gives permission to run an executable file (program) or
in the case of a directory, allows you to cd to that
directory.
You can set permissions for three classes of users:
1) you, the owner of the file or directory
2) your group
3) all others.
Display permissions of files/directories using the long format of
the ls command:
% ls -l
drwx------ 2 user_name 512 Jan 1 00:01 directory_name
-rw------- 1 user_name 50 Dec 25 12:00 ordinary_file_name
The first character indicates the type of file:
d indicates a directory
- indicates an ordinary file
Unix considers the next nine characters as three sets of three.
The first set indicates the owner's permissions, the second
indicates the groups' permissions, and the last three refer to all
other users.
The chmod command is used to change permissions and requires three
numbers between 0 and 7 (which correspond to binary digits and are
defined below), the first for owner, the second for group, and the
third for all others.
Number Binary Permission Permissions
Equivalent Bits
0 000 --- no permission
1 001 --x execute
2 010 -w- write only
3 011 -wx write and execute
4 100 r-- read only
5 101 r-x read and execute
6 110 rw- read and write only
7 111 rwx read, write, execute
Example: To reset the permissions of the file ordinary_file_name
displayed above
% chmod 700 ordinary_file_name
% ls -l ordinary_file_name
-rwx------ 1 user_name 50 Dec 25 12:00 ordinary_file_name
Only you can access the file and you can read, write, or execute
it.
Note: "Symbolic" arguments may be used instead with the chmod
command:
% chmod +x doit.csh